[AlHogail, A. (2015). Design and validation of information security culture framework., Computers in Human Behavior, 49, 567- 575.10.1016/j.chb.2015.03.054]Search in Google Scholar
[Beckers K., Côté I., Fenz S., Hatebur D., Heisel M. (2014) A Structured Comparison of Security Standards. In: Heisel M., Joosen W., Lopez J., Martinelli F. (eds) Engineering Secure Future Internet Services and Systems. Lecture Notes in Computer Science, 8431, Springer, Cham.10.1007/978-3-319-07452-8_1]Search in Google Scholar
[Da Veiga, A., Martins, N. (2015a). Improving the information security culture through monitoring and implementation actions illustrated through a case study. Computers & Security, 49, 162-176.10.1016/j.cose.2014.12.006]Search in Google Scholar
[Da Veiga, A., Martins, N. (2015b). Information security culture and information protection culture: A validated assessment instrument. Computer Law & Security Report, 31, 243-256.10.1016/j.clsr.2015.01.005]Search in Google Scholar
[Grance, T., Hash, J., Stevens, M., O’Neal, K., Bartol, N. (2003). SP 800-35 - Guide to Information Technology Security Services. Special Publication 800-35. National Institute of Standards and Technology - Technology Administration, U.S. Department of Commerce.10.6028/NIST.SP.800-35]Search in Google Scholar
[Hohan, A.I., Olaru, M., Pirnea, I.C. (2016). Assessment and continuous improvement of information security based on TQM and business excellence principles, Procedia Economics and Finance, 00, 352-359.10.1016/S2212-5671(15)01404-5]Search in Google Scholar
[Hoppe, O.A., Van Niekerk, J., Von Solms, R. (2002). The effective implementation of information security in organizations. IFIP/SEC2002 Security in the Information Society Visions and Perspectives International Conference, 17th Edition, May 7-9, Cairo, Egypt. 10.1007/978-0-387-35586-3_1]Search in Google Scholar
[ISO/IEC 27001:2013. (2013). Information technology -- Security techniques -- Information security management systems - Requirements. Retrieved from https://www.iso.org/obp/ui/#iso:std:iso-iec:27001:ed-2:v1:en [16.02.2018].]Search in Google Scholar
[ISO/IEC 27002:2013. (2013). Information technology -- Security techniques -- Code of practice for information security controls. Retrieved from https://www.iso.org/obp/ui/#iso:std:isoiec:27002:ed-2:v1:en [16.02.2019].]Search in Google Scholar
[ISO/IEC 27003:2010. (2010). Information technology - Security techniques - Information security management system implementation guidance. Retrieved from https://www.iso.org/obp/ui/#iso:std:iso-iec:27003:ed-2:v1:en [16.02.2018].]Search in Google Scholar
[Kadam, A. (2002). Implementation Methodology for Information Security Management System (to comply with BS 7799 Requirements). GSEC Practical Requirements (v.1.4b), SANS Institute, 2003.]Search in Google Scholar
[Kiehne, J., Ceaușu, I., Arp, A.-K., Schüler, T. (2017). Middle management's role in strategy implementation projects, Proceedings of the International Conference ICBE 11th Edition, March 2017, Bucharest, Romania.10.1515/picbe-2017-0058]Search in Google Scholar
[Maier, D., Olaru, M., Hohan, A., Maier, A. (2013). Development of an Organization by adopting the Integrated Management System, Proceedings of the 9th European Conference on Management Leadership and Governance, Nov 14-15, Klagenfurt, Austria.]Search in Google Scholar
[Moule, B., Giavara, L. (1995). Policies, procedures and standards: an approach for implementation. Information Management & Computer Security, 3 (3), 7-16.10.1108/09685229510092057]Search in Google Scholar
[Safa, N.S., Von Solms, R., Furnell, S. (2016). Information security policy compliance model in organizations. Computers & Security, 56, 1-13.10.1016/j.cose.2015.10.006]Search in Google Scholar
[Safa, N.S., Von Solms, R. (2016). An information security knowledge sharing model in organizations. Computers in Human Behavior, 57, 442-451.10.1016/j.chb.2015.12.037]Search in Google Scholar
[Siponen, M., Willison, R. (2009). Information security management standards: Problems and solutions. Information & Management, 46 (5), 267 - 270.10.1016/j.im.2008.12.007]Search in Google Scholar
[Soomro, Z.A., Shah, M. H., Ahmed, J. (2016). Information security management needs more holistic approach: A literature review. International Journal of Information Management, 36, 215-225.10.1016/j.ijinfomgt.2015.11.009]Search in Google Scholar
[Vroom C., von Solms R. (2002) A Practical Approach to Information Security Awareness in the Organization. In: Ghonaimy M.A., El-Hadidi M.T., Aslan H.K. (eds.) Security in the Information Society. IFIP Advances in Information and Communication Technology, 86, Springer, Boston, MA. 10.1007/978-0-387-35586-3_2]Search in Google Scholar
[Wood, C. C. (2002). Information Security Policies Made Easy: A Comprehensive Set of Information Security Policies: Version 9.0. PentaSafe Security Technologies.]Search in Google Scholar